Corellium Accuses Apple of Using Lawsuit to 'Crack Down on Jailbreaking'

[TiggrToo]

I'm asking you to be clearer. I gave citations of people that are doing exactly what I'm claiming. Care to explain why that is invalid and give me an example of what's not invalid?



I still do not understand the question fully. Can you please make the question in regards to Apple and not Microsoft? I'm quite clueless when it comes to Microsoft so of course I can't give you an answer like you expect.

Do you claim you statement of "jailbreaking gives Apple a bad reputation" is a fact? Or is it your opinion. Simple question.

And as for the 2nd thing: therein lies your problem. You simply don't understand the fundemental argument. There is no difference between my question and what Correlium have done.

Both involve:

a) taking an Operating System produced by a third party
b) ignoring the license agreement/SLA/EULA on where said Operating System can be installed
c) installing said Operating system on multiple virtual machines
d) making said virtual machines available to the general public

You are aware that software like this is licensed and not sold? And that that licence has very clear stipulations as to what you can, and cannot do?

If you do not understand these concepts, then how can you be expected to conduct a valid argument? Right now, all your responses have been very idealistic in tone and tenor.

 

[Jake James]

Do you claim you statement of "jailbreaking gives Apple a bad reputation" is a fact? Or is it your opinion. Simple question.

I think it depends on your definition of fact. My claim is true *generally* (and I proved that by citating comments of people), obviously not true for every human being. If "fact" for you means the latter option, then i do not claim it is a fact.

And as for the 2nd thing: therein lies your problem. You simply don't understand the fundemental argument. There is no difference between my question and what Correlium have done.

Both involve:

a) taking an Operating System produced by a third party
b) ignoring the license agreement/SLA/EULA on where said Operating System can be installed
c) installing said Operating system on multiple virtual machines
d) making said virtual machines available to the general public

You are aware that software like this is licensed and not sold? And that that licence has very clear stipulations as to what you can, and cannot do?

If you do not understand these concepts, then how can you be expected to conduct a valid argument? Right now, all your responses have been very idealistic in tone and tenor.

And your problem lies in the fact that you didn't get what I said, everyone here keeps misunderstanding me. I didn't understand your Microsoft thing, so then I assumed you meant "giving people remote control to your own machine" (essentially what Corellium does) AND I GAVE you my answer: yes, that is legal and not redistribution.

 

[TiggrToo]

I think it depends on your definition of fact. My claim is true *generally* (and I proved that by citating comments of people), obviously not true for every human being. If "fact" for you means the latter option, then i do not claim it is a fact.



And your problem lies in the fact that you didn't get what I said, everyone here keeps misunderstanding me. I didn't understand your Microsoft thing, so then I assumed you meant "giving people remote control to your own machine" (essentially what Corellium does) AND I GAVE you my answer: yes, that is legal and not redistribution.

Will you please answer MY question, not yours.

In addition there is no 'other' definition of the word fact.


fact
\ ˈfakt \
Definition of fact

1a: something that has actual existence space exploration is now a fact
b: an actual occurrence prove the fact of damage
2: a piece of information presented as having objective reality These are the hard facts of the case.
3: the quality of being actual : ACTUALITYa question of fact hinges on evidence

You can't even say it's generally true. Are you saying that the majority of the 1.5bn iOS users out there agree with you?

You are aware that it's highly likely that most users don't even know what a jailbreak even is? ( <----Opinion)

 

[Jake James]

Will you please answer MY question, not yours.

I cannot if the question is about Microsoft. I CANNOT know what Microsoft would do. I know that it's legal but I have no idea if Microsoft thinks the same way. If the question were about Apple I would answer "they would do exactly what they are doing now", but that doesn't mean it's illegal, it just means Apple isn't ok with it.

In addition there is no 'other' definition of the word fact.


fact
\ ˈfakt \
Definition of fact

1a: something that has actual existence space exploration is now a fact
b: an actual occurrence prove the fact of damage
2: a piece of information presented as having objective reality These are the hard facts of the case.
3: the quality of being actual : ACTUALITYa question of fact hinges on evidence

You say that and then give me 3 definitions, cool

You can't even say it's generally true. Are you saying that the majority of the 1.5bn iOS users out there agree with you?

You are aware that it's highly likely that most users don't even know what a jailbreak even is? ( <----Opinion)

I never mentioned the word "majority" nor said majority of users agree with me. I said jailbreaking gives Apple a bad reputation. No number mentioned. For my claim to be true I only need one user to have this opinion "if a jailbreak/security issue exists that means ios security is bad", yet I quoted way more than one user with that opinion, making my claim more believable

 

[TiggrToo]

I cannot if the question is about Microsoft. I CANNOT know what Microsoft would do. I know that it's legal but I have no idea if Microsoft thinks the same way. If the question were about Apple I would answer "they would do exactly what they are doing now", but that doesn't mean it's illegal, it just means Apple isn't ok with it.



You say that and then give me 3 definitions, cool



I never mentioned the word "majority" nor said majority of users agree with me. I said jailbreaking gives Apple a bad reputation. No number mentioned. For my claim to be true I only need one user to have this opinion "if a jailbreak/security issue exists that means ios security is bad", yet I quoted way more than one user with that opinion, making my claim more believable

Quite laughable. You really do not understand the difference between an anecdotal reference and a fact. If I were to say "1 equels 2" does that make it a fact? I'm one person. I just made a statement.

If I were to say "Jake James is a alien from the planet Zrrrck" is that a true statement?

I for one know exactly what Jailbreaking is. I do not - I repeat NOT think it makes Apple look bad as a result.

And as for my Windows 10 question: the fact you do not grasp this shows you're not able to understand the legalities involved. Law is based in precedent, languages, contracts and nuances. Indeed cases have been one or lost on the absence or presence of the veritable Oxford comma.

Your posts here remind me of the ones I used to read on XDA back in the day - when root lovers would claim how they were loved by all when the real truth was that most Android users had zero idea about the subject.

Just because you know something and visit the circles you do, doesn't mean everyone else does.

If I mention to my mum that I'm looking at splitting my databases into containerized shards, she'll look at me blankly.

If I mention it to my employees they will ask more about my idea.

If I go to a local support group, they will offer me help in achieving my aim.

If I ask my wife then she'll give me the "that's nice, dear" look.

Now, if I were to say "Most people understand database sharding and containerization" is that a fact? It may seem to be true with my employees or the support group, but outside of that?

Do you know what I'm talking about without looking it up?

The same is true with jailbreaking. Within the community it's everything. Outside? Not so much.

And please do not mistake MacRumors as being representative either.

 

[Jake James]

I for one know exactly what Jailbreaking is. I do not - I repeat NOT think it makes Apple look bad as a result.

You misunderstanding what my claim is. I didn't claim PEOPLE think jailbreaking makes Apple look bad, I claimed that jailbreaking DOES make Apple look bad BECAUSE PEOPLE think the existence jailbreaking is equal to bad security. Do MANY (not the MAJORITY! NEVER said that) people think "jailbreak" means "bad security"? YES, I proved that by giving comments of MANY people. Is that EXACTLY what I claimed many people do? YES, IT IS.

And as for my Windows 10 question: the fact you do not grasp this shows you're not able to understand the legalities involved. law is based in precedent, languages, contracts and nuances. Indeed cases have been one or lost on the absence or presence of the veritable Oxford comma.

I was VERY CLEAR. I couldn't answer your question because I CANNOT KNOW what Microsoft would do because I DO NOT KNOW Microsoft.

Just because you know something and visit the circles you do, doesn't mean everyone else does.

If I mention to my mum that I'm looking at splitting my databases into containerized shards, she'll look at me blankly.

If I mention it to my employees they will ask more about my own.

If I go to a local support group, they will offer me help in achieving my aim.

If I ask my wife then she'll give me the "that's nice, dear" look.

Now, if I were to say "Most people understand database sharding and containerization" is that a fact? It may seem to be true with my employees or the support group, but outside of that?

Do you know what I'm talking about without looking it up?

The same is true with jailbreaking. Within the community it's everything. Outside? Not so much.

And please do not mistake MacRumors as being representative either.

Quite the opposite. The people that think "jailbreak = bad security" are NOT members of the jailbreak community, they're NORMAL APPLE USERS, exactly the ones I'm talking about

 

[ipponrg]

I said jailbreaking gives Apple a bad reputation

The core issue here that many on this forum and Apple forums in general have is that there will be very few citations supporting these inferential/anecdotal(?) statements especially around jailbreaking. Everyone wants facts, but sometimes facts aren’t really exposed from the side of the fence that you are on for hopefully obvious reasons. I’ve made statements here about jailbreaking, but there won’t be many articles analyzing the effect jailbreaking has because it’s something most don’t think about

I do think jailbreaking exposes flaws in Apple’s security, but I also think Apple does a clever job behind the scenes in damage control for their reputation.

 

[Jake James]

The core issue here that many on this forum and Apple forums in general have is that there will be very few citations supporting these inferential/anecdotal(?) statements especially around jailbreaking. Everyone wants facts, but sometimes facts aren’t really exposed from the side of the fence that you are on for hopefully obvious reasons. I’ve made statements here about jailbreaking, but there won’t be many articles analyzing the effect jailbreaking has because it’s something most don’t think about

I do think jailbreaking exposes flaws in Apple’s security, but I also think Apple does a clever job behind the scenes in damage control for their reputation.

Like I said previously, many people think "more issues = worse security" but in reality it's the opposite, more known issues = more fixed issues = less unfixed issues = better security. Apple knows this fact and they're choosing the laziest option: don't try to convince people that they're wrong but try your best at keeping all issues hidden. You'd say, what will the not-clueless people think now? They cannot claim Apple has bad security without having evidence (actual bugs that are undiscovered and used for malicious purposes), so it's a win-win for Apple if they try to stop everyone that wants to publicly expose issues.

 

[bytesynthesis]

We're not talking about the safety of jailbreaks. We're talking about what jailbreaks offer for the security of iOS. Evasi0n exposed a security issue. If it didn't do that, the security issue would've stayed in iOS. Doesn't matter how safe evasi0n was. It caused iOS to be more secure.

You act as if security issues can't be exposed without sketchy jailbreaks. Apple already offers a generous bug bounty program. Nobody is stopping anyone from research.

 

[LordVic]

They created an emulator to duplicate iOS. Then they lied by trying to say this is about jailbreaking and accusing Apple of being against jailbreaking. That’s NOT what Apple is saying.

What Apple says is Corellium can’t make an iOS emulator. It’s irrelevant if someone uses that emulator to aid in making a jailbreak, to do security research or just to test new features.

To try and better understand:

is Correllium using Apple's code to make iOS run on other platforms, or are they just creating an abstract software layer to emulate Apple hardware?

that's going to be a big question IMHO for who is "right"

 

[Jake James]

You act as if security issues can't be exposed without sketchy jailbreaks. Apple already offers a generous bug bounty program. Nobody is stopping anyone from research.

I never said jailbreaks are the ONLY source of security issues, I said they are a BIG source. Big enough that you can't ignore. Also, don't call the jailbreaks sketchy. Not a single jailbreak so far has had any kind of malware.

 

[TiggrToo]

To try and better understand:

is Correllium using Apple's code to make iOS run on other platforms, or are they just creating an abstract software layer to emulate Apple hardware?

that's going to be a big question IMHO for who is "right"

Doesn't matter either way from what I can see. The EULA\SLA stops them from running it on non Apple hardware. Apple vs Pystar found that the SLA held fast on that very issue. SVOTUS agreed in not taking Pystars appeal.

 

[Jake James]

Small fun fact: while reading a comment from saurik (the creator of Cydia) I saw something interesting. Apple isn't forcing anyone to agree on any EULA when downloading iOS. You can straight up download the ipsw no questions asked. And Corellium skips activation (which they must do; they cannot activate virtual devices, Apple's servers would refuse them) which also skips the EULA. So to everyone using the EULA argument: if nobody has accepted to any EULA, they can't possibly break one.
[automerge]1578070027[/automerge]

Doesn't matter either way from what I can see. The EULA\SLA stops them from running it on non Apple hardware. Apple vs Pystar found that the SLA held fast on that very issue. SVOTUS agreed in not taking Pystars appeal.

That case is very different because they are breaking Apple's copyright by redistributing macOS. Corellium isn't redistributing iOS

 

[TiggrToo]

I never said jailbreaks are the ONLY source of security issues, I said they are a BIG source. Big enough that you can't ignore. Also, don't call the jailbreaks sketchy. Not a single jailbreak so far has had any kind of malware.

Again, citations: can you list out all the known reports made to Apple, which came from jailbreaking, and which then forced Apple to do code corrections.

E.g. this was not a jailbreak: https://www.engadget.com/2019/07/30/google-project-zero-ios-interactionless-vulnerabilities-apple/

It did require Apple to make code changes to mitigate.

Checkm8 was a jailbreak - however like ALL the latest jailbreaks, it involved either older hardware or older operating systems. Apple had already mitigated this in not newer hardware because this is a hardware jailbreak.

You alone seem to have this exceptionally high opinion of jailbreaking. Reality shows that it's not as effective as you'd like to think it is.
[automerge]1578070261[/automerge]

Small fun fact: while reading a comment from saurik (the creator of Cydia) I saw something interesting. Apple isn't forcing anyone to agree on any EULA when downloading iOS. You can straight up download the ipsw no questions asked. And Corellium skips activation (which they must do; they cannot activate virtual devices, Apple's servers would refuse them) which also skips the EULA. So to everyone using the EULA argument: if nobody has accepted to any EULA, they can't possibly break one.
[automerge]1578070027[/automerge]


That case is very different because they are breaking Apple's copyright by redistributing macOS. Corellium isn't redistributing iOS

Yes they are. They're making it available on virtual machines. How is that not distributing it?
[automerge]1578070402[/automerge]

Small fun fact: while reading a comment from saurik (the creator of Cydia) I saw something interesting. Apple isn't forcing anyone to agree on any EULA when downloading iOS. You can straight up download the ipsw no questions asked. And Corellium skips activation (which they must do; they cannot activate virtual devices, Apple's servers would refuse them) which also skips the EULA. So to everyone using the EULA argument: if nobody has accepted to any EULA, they can't possibly break one.
[automerge]1578070027[/automerge]


That case is very different because they are breaking Apple's copyright by redistributing macOS. Corellium isn't redistributing iOS

And it's Correlium who are breaking it. Fun fact, the European courts had a case on such an issue a while back and ruled exactly so.

You really should study up on all this before posting. Your posts are full of ideology and dreams, and absent facts and reality.

 

[Jake James]

Again, citations: can you list out all the known reports made to Apple, which came from jailbreaking, and which then forced Apple to do code corrections.

I did. I gave you a link to the iphonewiki with a list of vulnerabilities used in jailbreaks. Everything on that list released before iOS 10 was found by jailbreakers themselves (not security teams). The iOS 12.4 (latest firmware at the time) regression (which affected all devices) was also found by a jailbreaker (he was credited by Apple too). And another fun fact, the 9.3.3 jailbreak used a bug that was already patched in iOS 10 betas. But someone had to release a jailbreak for Apple to release 9.3.4. Why do you think they did that?
[automerge]1578070628[/automerge]

Yes they are. They're making it available on virtual machines. How is that not distributing it?

They're not giving you the ability to download the firmware from their servers. They're only giving you the ability to *use* it

 

[TiggrToo]

I did. I gave you a link to the iphonewiki with a list of vulnerabilities used in jailbreaks. Everything on that list released before iOS 10 was found by jailbreakers themselves (not security teams). The iOS 12.4 (latest firmware at the time) regression (which affected all devices) was also found by a jailbreaker (he was credited by Apple too). And another fun fact, the 9.3.3 jailbreak used a bug that was already patched in iOS 10 betas. But someone had to release a jailbreak for Apple to release 9.3.4. Why do you think they did that?

You have listed one part of the equation. How can you justify that without listing out both parts. Project Zero is a Google security initiative. They're not jailbreakers. Stop conflating the two.

 

[Jake James]

And it's Correlium who are breaking it. Fun fact, the European courts had a case on such an issue a while back and ruled exactly so.

You really should study up on all this before posting. Your posts are full of ideology and dreams, and absent facts and reality.

You can't break a promise you never made. Corellium didn't agree to any EULA. There isn't any EULA that shows up when downloading iOS on apple.com. It literally doesn't exist.
[automerge]1578070791[/automerge]

You have listed one part of the equation. How can you justify that without listing out both parts. Project Zero is a Google security initiative. They're not jailbreakers. Stop conflating the two.

What part of "I never said jailbreaks are the only source of security flaws" you do not understand? Of course there are people that find bugs that aren't jailbreakers, but that doesn't change the fact that jailbreakers are also big contributors to iOS security.

 

[TiggrToo]

You can't break a promise you never made. Corellium didn't agree to any EULA. There isn't any EULA that shows up when downloading iOS on apple.com. It literally doesn't exist.
[automerge]1578070791[/automerge]


What part of "I never said jailbreaks are the only source of security flaws" you do not understand? Of course there are people that find bugs that aren't jailbreakers, but that doesn't change the fact that jailbreakers are also big contributors to iOS security.

Ok, whatever. I'm done. No point arguing with someone about clearly doesn't understand basic law and prior case law.

 

[Jake James]

Ok, whatever. I'm done. No point arguing with someone about clearly doesn't understand basic law and prior case law.

Let's say that skipping terms is wrong. How about the fact that there are no terms whatsoever in apple.com when downloading iOS? There doesn't exist any page that says "read this and click accept in order to download".

And please reply to my second paragraph, it's quite important
"What part of "I never said jailbreaks are the only source of security flaws" you do not understand? Of course there are people that find bugs that aren't jailbreakers, but that doesn't change the fact that jailbreakers are also big contributors to iOS security."

 

[Bgosh]

You can't break a promise you never made. Corellium didn't agree to any EULA. There isn't any EULA that shows up when downloading iOS on apple.com. It literally doesn't exist.
[automerge]1578070791[/automerge]


What part of "I never said jailbreaks are the only source of security flaws" you do not understand? Of course there are people that find bugs that aren't jailbreakers, but that doesn't change the fact that jailbreakers are also big contributors to iOS security.

There is this from apple.com

"All text, graphics, user interfaces, visual interfaces, photographs, trademarks, logos, sounds, music, artwork and computer code (collectively, "Content"), including but not limited to the design, structure, selection, coordination, expression, "look and feel" and arrangement of such Content, contained on the Site is owned, controlled or licensed by or to Apple, and is protected by trade dress, copyright, patent and trademark laws, and various other intellectual property rights and unfair competition laws.

Except as expressly provided in these Terms of Use, no part of the Site and no Content may be copied, reproduced, republished, uploaded, posted, publicly displayed, encoded, translated, transmitted or distributed in any way (including "mirroring") to any other computer, server, Web site or other medium for publication or distribution or for any commercial enterprise, without Apple’s express prior written consent.

You may use information on Apple products and services (such as data sheets, knowledge base articles, and similar materials) purposely made available by Apple for downloading from the Site, provided that you (1) not remove any proprietary notice language in all copies of such documents, (2) use such information only for your personal, non-commercial informational purpose and do not copy or post such information on any networked computer or broadcast it in any media, (3) make no modifications to any such information, and (4) not make any additional representations or warranties relating to such documents."

This seems to be in conflict of what you are saying.

 

[Jake James]

There is this from apple.com

"All text, graphics, user interfaces, visual interfaces, photographs, trademarks, logos, sounds, music, artwork and computer code (collectively, "Content"), including but not limited to the design, structure, selection, coordination, expression, "look and feel" and arrangement of such Content, contained on the Site is owned, controlled or licensed by or to Apple, and is protected by trade dress, copyright, patent and trademark laws, and various other intellectual property rights and unfair competition laws.

Except as expressly provided in these Terms of Use, no part of the Site and no Content may be copied, reproduced, republished, uploaded, posted, publicly displayed, encoded, translated, transmitted or distributed in any way (including "mirroring") to any other computer, server, Web site or other medium for publication or distribution or for any commercial enterprise, without Apple’s express prior written consent.

You may use information on Apple products and services (such as data sheets, knowledge base articles, and similar materials) purposely made available by Apple for downloading from the Site, provided that you (1) not remove any proprietary notice language in all copies of such documents, (2) use such information only for your personal, non-commercial informational purpose and do not copy or post such information on any networked computer or broadcast it in any media, (3) make no modifications to any such information, and (4) not make any additional representations or warranties relating to such documents."

This seems to be in conflict of what you are saying.

Corellium isn't creating a replica of iOS, it's taking the real iOS and installing it in their own hardware

 

[Bgosh]

Corellium isn't creating a replica of iOS, it's taking the real iOS and installing it in their own hardware

Ok, but from my post:

"no part of the Site and no Content may be copied, reproduced, republished, uploaded, posted, publicly displayed, encoded, translated, transmitted or distributed in any way (including "mirroring") to any other computer, server, Web site or other medium for publication or distribution or for any commercial enterprise, without Apple’s express prior written consent."

This seems very clear to me

 

[Jake James]

Ok, but from my post:

"no part of the Site and no Content may be copied, reproduced, republished, uploaded, posted, publicly displayed, encoded, translated, transmitted or distributed in any way (including "mirroring") to any other computer, server, Web site or other medium for publication or distribution or for any commercial enterprise, without Apple’s express prior written consent."

This seems very clear to me

Is this from the EULA? I was pretty clear on that part. The EULA is irrelevant

 

[dumastudetto]

If you've got money, you go to court and win.
If you haven't, don't break the law/provoke multinational corporation with the financial muscle to bury you forever.

 

[Bgosh]

Is this from the EULA? I was pretty clear on that part. The EULA is irrelevant

Agree to disagree. You said there want's anything that Corellium agreed to on apple.com. That's what I was responding to. Take it easy ✌